Secrecy and Verifiability: An Introduction to Electronic Voting

TL;DR

This paper introduces the core cryptographic principles of electronic voting, focusing on balancing ballot secrecy and verifiability, and explains fundamental concepts and research approaches for secure, reliable elections.

Contribution

It provides an accessible introduction to cryptographic methods for electronic voting, emphasizing the balance between secrecy and verifiability with minimal formalism.

Findings

Defines ballot secrecy and verifiability using game-based cryptography

Explains how cryptographic tools can balance secrecy and verification

Introduces research approaches to secure electronic voting systems

Abstract

Democracies are built upon secure and reliable voting systems. Electronic voting systems seek to replace ballot papers and boxes with computer hardware and software. Proposed electronic election schemes have been subjected to scrutiny, with researchers spotting inherent faults and weaknesses. Inspired by physical voting systems, we argue that any electronic voting system needs two essential properties: ballot secrecy and verifiability. These properties seemingly work against each other. An election scheme that is a complete black box offers ballot secrecy, but verification of the outcome is impossible. This challenge can be tackled using standard tools from modern cryptography, reaching a balance that delivers both properties. This tutorial makes these ideas accessible to readers outside electronic voting. We introduce fundamental concepts such as asymmetric and homomorphic encryption, which we use to describe a general electronic election scheme while keeping mathematical formalism minimal. We outline game-based cryptography, a standard approach in modern cryptography, and introduce notation for formulating elections as games. We then give precise definitions of ballot secrecy and verifiability in the framework of game-based cryptography. A principal aim is introducing modern research approaches to electronic voting.